package dk.ihk.shopular.services;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import sun.misc.BASE64Encoder;
import dk.ihk.shopular.models.User;

public class UserService {
	
	private List<User> userPool = new ArrayList<User>();
	
	public UserService() {
		//create some basic users to work with here. 
		//hibernate integration is still missing...
		
		User a = new User();
		a.setName("Tomi");
		a.setPasswordHash("nU4eI71bcnBGqeO0t9tXvY1u5oQ=");
		a.seteMail("flynnzero@gmail.com");
		userPool.add(a);
		
		User b = new User();
		b.setName("Chris");
		b.setPasswordHash("nU4eI71bcnBGqeO0t9tXvY1u5oQ=");
		b.seteMail("chris.stangier@gmail.com");
		userPool.add(b);
		
		User c = new User();
		c.setName("Peter");
		c.setPasswordHash("nU4eI71bcnBGqeO0t9tXvY1u5oQ=");
		c.seteMail("pdsantamaria@gmail.com");
		userPool.add(c);
		
		User d = new User();
		d.setName("Nuno");
		d.setPasswordHash("nU4eI71bcnBGqeO0t9tXvY1u5oQ=");
		d.seteMail("skewww@gmail.com");
		userPool.add(d);
		
	}
	
	
	/**
	 * creates a new user
	 */
	public void createUser(String name, String password, String eMail) {
		User newUser = new User();
		newUser.setName(name);
		newUser.seteMail(eMail);
		newUser.setPasswordHash(password);
	}
	

	/**
	 * removes a new user
	 * @param name
	 */
	public void removeUser(String name) {
		for (User myUser : getUserPool()) {
			if (myUser.getName().equals(name)) userPool.remove(myUser);
		}
	}
	
	
	/**
	 * Returns user with given user name (case sensitive) otherwise null
	 * @param name
	 * @return
	 */
	public User findUserByName(String name) {
		for (User myUser : getUserPool()) {
			if (myUser.getName().equals(name)) return myUser;
		}
		return null;
	}
	
	
	/**
	 * Returnes user with given eMail address otherwise null
	 * @param eMail
	 * @return
	 */
	public User findUserByEMail(String eMail) {
		for (User myUser : getUserPool()) {
			if (myUser.geteMail().equals(eMail)) return myUser;
		}
		return null;
	}
	
	
	/**
	 * is the user who initated this request having valid credentials?
	 * @param request
	 * @return
	 */
	public boolean validAuthentication(HttpServletRequest request) {
		String username = (String) request.getSession().getAttribute("user");
		String password = (String) request.getSession().getAttribute("pass");
		System.out.print("Validating login: " + username + " / " + password + " ->");
		
		if (verifyLogin(username, password)) {
			System.out.println(" ok");
			return true;
		} else 
			System.out.println(" failed");
			return false;
	}
	
	
	/**
	 * is this user / passwordHash combination valid?
	 */
	public boolean verifyLogin(String user, String passwordHash) {
		boolean validCredentials = false;
		
		for (User myUser : getUserPool()) {
			if (myUser.getName().equals(user) &&
				(myUser.getPasswordHash().equals(passwordHash))) {
				validCredentials = true;
			}
		}
		return validCredentials;
	}
	
	/**
	 * returns the currently logged in user
	 * @param request
	 * @return
	 */
	public User getCurrentUser(HttpServletRequest request) {
		 if (validAuthentication(request)) {
			 return findUserByName ((String) request.getSession().getAttribute("user"));
		 } else 
			 return null;
	}

	
	
	/**
	 * perform sha1 hashing on a string. better than md5
	 * @param plaintext
	 * @return
	 */
	public String hash(String plaintext) {
	    MessageDigest md = null;
	    try {
			md = MessageDigest.getInstance("SHA");
			md.update(plaintext.getBytes("UTF-8"));
		} catch (Exception e) {
			e.printStackTrace();
			return null;
		}
	    
	    byte raw[] = md.digest();
	    String hash = (new BASE64Encoder()).encode(raw);
	    return hash;
	}
	
	
	/*
	 * just some getter
	 */
	public List<User> getUserPool() {
		return userPool;
	}
	
}
